casino_core-authenticator-activerecord 0.0.1 → 1.0.0

data/Gemfile.lock

@@ -3,6 +3,7 @@ PATH
   specs:
     casino_core-authenticator-activerecord (0.0.1)
       activerecord (~> 3.2.12)
+      bcrypt-ruby (~> 3.0.1)
       unix-crypt (~> 1.0.2)
 
 GEM
@@ -20,6 +21,7 @@ GEM
       i18n (~> 0.6)
       multi_json (~> 1.0)
     arel (3.0.2)
+    bcrypt-ruby (3.0.1)
     builder (3.0.4)
     diff-lcs (1.1.3)
     i18n (0.6.1)

data/casino_core-authenticator-activerecord.gemspec

@@ -24,4 +24,5 @@ Gem::Specification.new do |s|
 
   s.add_runtime_dependency 'activerecord', '~> 3.2.12'
   s.add_runtime_dependency 'unix-crypt', '~> 1.0.2'
+  s.add_runtime_dependency 'bcrypt-ruby', '~> 3.0.1'
 end

data/lib/casino_core/authenticator/activerecord.rb

@@ -1,5 +1,6 @@
 require 'active_record'
 require 'unix_crypt'
+require 'bcrypt'
 
 class CASinoCore::Authenticator::ActiveRecord
 
@@ -32,6 +33,20 @@ class CASinoCore::Authenticator::ActiveRecord
 
   private
   def valid_password?(password, password_from_database)
+    magic = password_from_database.split('$')[1]
+    case magic
+    when /\A2a?\z/
+      valid_password_with_bcrypt?(password, password_from_database)
+    else
+      valid_password_with_unix_crypt?(password, password_from_database)
+    end
+  end
+
+  def valid_password_with_bcrypt?(password, password_from_database)
+    BCrypt::Password.new(password_from_database) == password
+  end
+
+  def valid_password_with_unix_crypt?(password, password_from_database)
     UnixCrypt.valid?(password, password_from_database)
   end
 

data/lib/casino_core/authenticator/activerecord/version.rb

@@ -1,7 +1,7 @@
 module CASinoCore
   class Authenticator
     class ActiveRecord
-      VERSION = '0.0.1'
+      VERSION = '1.0.0'
     end
   end
 end

data/spec/casino_core/authenticator/activerecord_spec.rb

@@ -64,6 +64,18 @@ describe CASinoCore::Authenticator::ActiveRecord do
       end
     end
 
+    context 'support for bcrypt' do
+      before do
+        CASinoCore::Authenticator::ActiveRecord::User.create!(
+          username: 'test2',
+          password: '$2a$10$dRFLSkYedQ05sqMs3b265e0nnJSoa9RhbpKXU79FDPVeuS1qBG7Jq', # password: testpassword2
+          mail_address: 'mail@example.org')
+      end
+
+      it 'is able to handle bcrypt password hashes' do
+        @authenticator.validate('test2', 'testpassword2').should be_instance_of(Hash)
+      end
+    end
 
   end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: casino_core-authenticator-activerecord
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 1.0.0
   prerelease: 
 platform: ruby
 authors:
@@ -108,6 +108,22 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: 1.0.2
+- !ruby/object:Gem::Dependency
+  name: bcrypt-ruby
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.0.1
 description: This gem can be used to allow the CASinoCore backend to authenticate
   against an SQL server using ActiveRecord.
 email:
@@ -124,7 +140,6 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
-- VERSION
 - casino_core-authenticator-activerecord.gemspec
 - lib/casino_core-authenticator-activerecord.rb
 - lib/casino_core/authenticator/activerecord.rb

data/VERSION

@@ -1 +0,0 @@
-0.0.1